If you’re heading overseas this popular vacation month, don’t underestimate the risks of your smartphone, tablet or other portable devices being hacked…even when visiting countries not typically associated with cybercrime.

True, the U.S. leads all popular vacation destinations in overall mobile threats, where hacking of files and data on hand-held devices occurs about 5 million times per year, according to Keeper Security, a Chicago-based password manager firm. (Previous research by Symantec, which makes Norton antivirus products, indicates the riskiest American cities are Seattle, Boston, Washington, San Francisco and Raleigh).

The United Kingdom is a distance second with 2 million threats, followed by Spain (1.7 million), France (700,000), Poland (475,000), Canada and Italy (400,000 each), Portugal (375,000), the Netherlands (320,000) and Greece (75,000).

But considering our nation’s population, use of mobile devices and availability of public WiFi, only about 1.5 percent of Americans and tourists are victimized – putting us solidly in the middle of the “at-risk” pack. With those factors in the mix, Spain reigns, followed by Portugal and the United Kingdom; each has a population-based mobile hacking rate at least twice as high of ours, according to Just About Travel – a U.K. based website. The Netherlands ranks number 4 with a nearly 2 percent gotcha rate, and following the U.S. at number 5 are Poland, Canada, France and Greece.

What about China, India, Brazil and Russia, which along with America, claim the world’s highest rate of smartphone use? Mobile threats are less likely to occur within those countries, says Keeper CEO Darren Guccione, because they are not as prosperous as the U.S or U.K. (and cyber-crooks prefer to follow the money). Meanwhile, language barriers make Japan, Germany and other countries less attractive targets, he tells the Fraud Watch Network.

Take charge when you recharge. Don’t charge your devices with anything other than your own chargers plugged directly into the wall or into your adapter. “It’s easy for cyber thieves to install malware onto hotel and other public docking stations,” notes Guccione. “And never connect any USB drive or other removable media that you don’t personally own.”

Avoid “house” computers. Crooks can (and do) install malware on machines made available to the public at libraries, hotels and other businesses. If you do use them, don’t utilize them for tasks where you need to supply log-in or financial credentials such as online shopping, online banking or other sensitive accounts, or even your personal email.

Pack new passwords with your passport. Before leaving, change log-in credentials and passwords for all mobile device apps; with a password manager, you won’t have to remember them. “When doing this, use two-factor authentication if possible,” adds Guccione. Passwords should be no less than eight characters, with a combination of nonsensical letters, numbers, and symbols. “And don’t use the same PIN for hotel room safes that you use for your device password.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.